package cn.lijiajia3515.cairo.auth.config.security;

import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.access.hierarchicalroles.RoleHierarchyImpl;

@Configuration(proxyBeanMethods = false)
public class RoleConfig {
	// -------------- 权限树 配置 --------------

	@Bean
	RoleHierarchyImpl cairoRoleHierarchy() {
		RoleHierarchyImpl roleHierarchy = new RoleHierarchyImpl();
		roleHierarchy.setHierarchy("" +
			"admin > scp_admin\n" +

			"scp_admin > scp_account\n" +
			"scp_account > scp_save:account\n" +
			"scp_account > scp_modify:account\n" +
			"scp_account > scp_delete:account\n" +
			"scp_save:account > scp_find:account\n" +
			"scp_modify:account > scp_find:account\n" +
			"scp_delete:account > scp_find:account\n" +
			"scp_find:account > scp_find:role\n" +
			"scp_find:account > scp_find:department\n" +

			"scp_admin > scp_role\n" +
			"scp_scp_role > scp_role\n" +
			"scp_role > scp_save:role\n" +
			"scp_role > scp_modify:role\n" +
			"scp_role > scp_delete:role\n" +
			"scp_save:role > scp_find:role\n" +
			"scp_modify:role > scp_find:role\n" +
			"scp_delete:role > scp_find:role\n" +

			"scp_admin > scp_department\n" +
			"scp_department > scp_save:department\n" +
			"scp_department > scp_modify:department\n" +
			"scp_department > scp_delete:department\n" +
			"scp_save:department > scp_find:department\n" +
			"scp_modify:department > scp_find:department\n" +
			"scp_delete:department > scp_find:department\n" +

			"scp_admin > scp_client\n" +
			"scp_client > scp_save:client\n" +
			"scp_client > scp_modify:client\n" +
			"scp_client > scp_delete:client\n" +
			"scp_save:client > scp_find:client\n" +
			"scp_modify:client > scp_find:client\n" +
			"scp_delete:client > scp_find:client\n" +

			""
		);
		return roleHierarchy;
	}
}
